Reputation: 620
Using Apigee as auth store alternative to Auth0
Background
I'm looking into securing a selection of APIs for a client. I'm pretty familiar with the Auth0 offering and quite confident that it will serve me well as an auth provider.
The APIs will be deployed on GCP (Google Cloud Platform) and I've been looking into using Apigee to manage the life cycle of my APIs.
Question
Does Apigee offer an auth store for users similar to what Auth0 offers or is Apigee's OAuth implementation limited to application level authentication using Consumer Key and Consumer Secret as described here?
Upvotes: 2
Views: 569
Answers (1)
Reputation: 577
Apigee OAuth implementation is not limited to Consumer Key/Secret (client credentials grant) but you also can implement different OAuth grant types. Apigee can generate/validate JWT and it's own opaque tokens.
The problem is that Apigee does not provide Identity Provider (IdP) service, it means that it does not have a store for user credentials. You may utilize Apigee's BaaS (Backend-as-a-Service) to store users or integrate Apigee with other IdPs, but there's no built-in solution to authenticate users.
Upvotes: 2
Related Questions
- Support for OAuth 2.0 PKCE
- What is the difference between GCP endpoint and Apigee
- Let Apigee do authentication (oauth) for client
- Endpoints Portal with Auht0 authentication
- Google Endpoints with Auth0 Integration
- APIGEE external OAuth 2.0 Authorization
- Apigee OAuth with REST authentication API
- ApiGee OAUTH Authorization
- Apigee: Add login with an existing OAuth 2.0 id-provider
- Apigee token management and username/password OAuth authentication